Received: by 2002:ac0:a5b6:0:0:0:0:0 with SMTP id m51-v6csp2196243imm; Sat, 9 Jun 2018 09:44:55 -0700 (PDT) X-Google-Smtp-Source: ADUXVKI/sxN60Z33IONXyqy5fLJe9rlP8OoSV51BsAK5ywkyoDyWx3II/Odgw9LtsR4vz0jya9EJ X-Received: by 2002:a63:7205:: with SMTP id n5-v6mr1224066pgc.337.1528562695663; Sat, 09 Jun 2018 09:44:55 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528562695; cv=none; d=google.com; s=arc-20160816; b=kDuBLUg9DKS2i30+EvFmpfubK7UdxojUpfr07270bqSEGXFmm5LBbPV/2zrbWOZhX0 4NfknxO6agIvuH4lMlBjJUOv6vvyimXlMKoHCDsi/iqukZ1Me/dnREtViHplaeKJT+EP ry/6op9cJFGhVPjz5/E3xYgDhD5k2kFfqeb0/gVhyMfn/FiuHEn6i9CEZ4xP2zz+GFbQ K9+DjdRkXOxnoZHsNB5Ueeop1y72a0EbzB176DdHjOpZvrbFJb8wIrPzJCu3T9ZJa5aj srcugz+SU5cFJLDY+nFnL9iOCKMOcz1GVdNh0ESyvIRoHOwUDMfh+Snhom+UeopaTUmf Bx7w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:date:subject:cc:to:from :arc-authentication-results; bh=wRuCGGQgIOmfaSJCLpDDnj75i9/OH7/6BI108HIAn6M=; b=VtLFZGEBC1esH3sn/QLrJZhDc2ocjvB2WKO9By9qTYVb3NlaQ5Gg3NjwJ7UAfPDR2y kMhlNpFsQsVvBb3ps2SS6AUI37IHzkOKK7KMehETi+ph8seTFvNWhm+Kp3lsIkd41ZeO LapWnxiINds64uldpSU1+hu7IyyhcNaqpiPkbcYoOkC7m/gimjQ2rUFOPNrZRJEB4Lun L8Xeyza34vGPxP6z0t2EXwqjsuPH7NEGJ/tVvAXMrkUJjc1m1drgJcFl8v6lmfvVAo8q 1GLkyt/8zLxUbJN3bW3rk1I+xzj4TkW0v2Zx4lUc9JKCE94QJA2caqkb2FAcfJTJNoRl 8WgQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id g15-v6si38365936plq.242.2018.06.09.09.44.41; Sat, 09 Jun 2018 09:44:55 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753432AbeFIQoP (ORCPT + 99 others); Sat, 9 Jun 2018 12:44:15 -0400 Received: from bran.ispras.ru ([83.149.199.196]:23747 "EHLO smtp.ispras.ru" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1753357AbeFIQoO (ORCPT ); Sat, 9 Jun 2018 12:44:14 -0400 X-Greylist: delayed 320 seconds by postgrey-1.27 at vger.kernel.org; Sat, 09 Jun 2018 12:44:14 EDT Received: from myklebust.intra.ispras.ru (unknown [10.10.2.207]) by smtp.ispras.ru (Postfix) with ESMTP id 56976203BF; Sat, 9 Jun 2018 11:11:59 +0300 (MSK) From: Anton Vasilyev To: Greg Kroah-Hartman Cc: Anton Vasilyev , Johannes Thumshirn , Gaurav Pathak , Hannes Reinecke , Sinan Kaya , devel@driverdev.osuosl.org, linux-kernel@vger.kernel.org, ldv-project@linuxtesting.org Subject: [PATCH] staging: rts5208: add check on NULL before dereference Date: Sat, 9 Jun 2018 19:38:29 +0300 Message-Id: <20180609163829.30619-1-vasilyev@ispras.ru> X-Mailer: git-send-email 2.17.1 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org If rtsx_probe fails to allocate dev->chip, then NULL pointer dereference occurs at rtsx_release_resources(). Patch adds checks chip on NULL before its dereference at rtsx_release_resources and passing with dereference inside rtsx_release_chip. Found by Linux Driver Verification project (linuxtesting.org). Signed-off-by: Anton Vasilyev --- drivers/staging/rts5208/rtsx.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/drivers/staging/rts5208/rtsx.c b/drivers/staging/rts5208/rtsx.c index 70e0b8623110..952dd0d580cf 100644 --- a/drivers/staging/rts5208/rtsx.c +++ b/drivers/staging/rts5208/rtsx.c @@ -623,12 +623,13 @@ static void rtsx_release_resources(struct rtsx_dev *dev) if (dev->irq > 0) free_irq(dev->irq, (void *)dev); - if (dev->chip->msi_en) + if (dev->chip && dev->chip->msi_en) pci_disable_msi(dev->pci); if (dev->remap_addr) iounmap(dev->remap_addr); + if (dev->chip) + rtsx_release_chip(dev->chip); - rtsx_release_chip(dev->chip); kfree(dev->chip); } -- 2.17.1